DEV Community

Rodrigo Fernandes
Rodrigo Fernandes

Posted on

Bastion Host

#aws #devops #security #cloud

Anotações sobre o Bastion Host para ajudar na preparação das certificações AWS.

Até o momento as anotações são para as certificações abaixo:

Image description

Anotações gerais

  • Instância sempre na Subnet Publica

SSH Agent Forwarding

Documentação oficial

  • Copiar a public key para as instâncias que serão acessadas

Step 1: Create Public/Private Key in Remote Client EC2

ssh-keygen
Enter fullscreen mode Exit fullscreen mode

Step 2: Setup Authentication

  • Copy the contents of public key form remote-client to the 
~/.ssh/authorized_keys file of both Bastion and Private EC2.
Enter fullscreen mode Exit fullscreen mode

Step 3: Use SSH Agent Forwarding

  • Run the following commands on the remote-client EC2 instance

Image description

Step 4: Test the Setup

  • From remote-client EC2, run the following command: 
ssh -A [BASTION-EC2-IP]
Enter fullscreen mode Exit fullscreen mode
  • Once you are logged into Bastion, try to connect to Private EC2 
ssh [IP-OF-PRIVATE-EC2]
Enter fullscreen mode Exit fullscreen mode

How to Record SSH Sessions Established Through a Bastion Host

Documentação oficial

Referências

Top comments (0)

Read next

karadza profile image

5 Internal Developer Platforms You Need to Know About!

Juraj -

cicubeteam profile image

How to Use ENV variables in GitHub Actions

CiCube -

nileshprasad137 profile image

Monitoring AWS ECS Deployment failures

Nilesh Prasad -

egeaytin profile image

What is SCIM Provisioning: In-Depth Guide [2024]

Ege Aytin -